Isaca CISA Practice Test - Questions Answers, Page 94

During which phase of the software development life cycle should an IS auditor be consulted to recommend security controls?

Which of the following is the MOST important consideration when defining an operational log management strategy?

An external audit firm was engaged to perform a validation and verification review for a systems implementation project. The IS auditor identifies that regression testing is not part of the project plan and was not performed by the systems implementation team. According to the team, the parallel testing being performed is sufficient, making regression testing unnecessary. What should be the auditor's NEXT step?

Which of the following approaches BEST enables an IS auditor to detect security vulnerabilities within an application?

An organization is implementing a new data loss prevention (DLP) tool. Which of the following will BEST enable the organization to reduce false positive alerts?

An IS auditor is tasked to review an organization's plan-do-check-act (PDCA) method for improving IT-related processes and wants to determine the accuracy of defined targets to be achieved. Which of the following steps in the PDCA process should the auditor PRIMARILY focus on in this situation?

Which of the following should be used as the PRIMARY basis for prioritizing IT projects and initiatives?

Which of the following network communication protocols is used by network devices such as routers to send error messages and operational information indicating success or failure when communicating with another IP address?

An IS auditor reviewing an organization's IT systems finds that the organization frequently purchases systems that are incompatible with the technologies already in the organization. Which of the following is the MOST likely reason?